Filters
total: 422
filtered: 407
-
Catalog
Chosen catalog filters
Search results for: SECURITY EVALUATION
-
An integrated method for security protocols analysis
Publication -
Architecture supporting security of agent systems
PublicationW rozprawie zaproponowano nową architekturę bezpieczeństwa wspomagającą anonimowość w systemach agentowych. Moduł I architektury zapewnia funkcjonalność protokołu ochrony przed tropieniem (ang. untraceability), z tą zaletą, że nie wprowadza ograniczeń wobec agentów samodzielnie ustalających trasę własnej wędrówki. Stanowi rdzeń architektury, który zaimplementowano jako rozszerzenie platformy agentowej JADE, udostępniane publicznie...
-
Aspects of maritime security and safety of Poland
PublicationReferat przedstawia wybrane aspekty morskiego bezpieczeństwa Polski. Prezentacja problematyki jest ukierunkowana na problemy techniczne związane z bezpieczeństwem, pozostawiając na uboczu problemy prawne, logistyczne i społeczne. Na wstępie przedstawiono analizę zagrożeń dla bezpieczeństwa Bałtyku. Następnie opisano wybrane instytucje odpowiedzialne za morskie bezpieczeństwo Polski, ze szczegółowym uwzględnieniem Morskiej Straży...
-
Indo-French Defence and Security Partnership
Publication -
The Impact of Terrorism on International Peace and Security
Publication -
E-Voting System Evaluation Based on the Council of Europe Recommendations: nVotes
PublicationE-voting implantation has been facing important challenges in recent years. Several incidents, together with a lack of evaluation methodologies social and cultural customs hinder a broader application. In this work, the authors aim to contribute to a safer introduction of e-voting tools by applying a practical evaluation framework strongly based on the security requirements issued by the Council of Europe (CoE) in 2017 to nvotes,...
-
Adapting Agile Practices to Security Context – Practitioners’ Perspective
PublicationIn this paper we explore the problem of introducing agile practices to projects dealing with systems with high security requirements. We also propose an approach based on AgileSafe method and OWASP ASVS guidelines, that could support such introduction. What is more, we present the results of two surveys aimed at analyzing IT practitioners’ views on applying agile methods to security reliant systems as well as evaluating the set...
-
Is Artificial Intelligence Ready to Assess an Enterprise’s Financial Security?
PublicationThis study contributes to the literature on financial security by highlighting the relevance of the perceptions and resulting professional judgment of stakeholders. Assessing a company’s financial security using only economic indicators—as suggested in the existing literature—would be inaccurate when undertaking a comprehensive study of financial security. Specifically, indices and indicators based on financial or managerial reporting...
-
Portable raman spectrometer for maritime security applications
PublicationThe fast identification of explosives, narcotics and other chemicals carried on board of ships or transported in containers to the harbors is an important problem of maritime security. Raman spectroscopy is widely used for fast identification of various chemicals. Continuous progress in the field of photonics has resulted in commercial availability of low-power compact Raman spectrometers which can be integrated into portable systems....
-
Managing the security vulnerabilities of critical systems and hazardous plants
PublicationRozdział poświęcono aktualnym problemom zarządzania ochroną obiektów podwyższonego ryzyka jako ważnych systemów infrastruktury krytycznej. Zarządzanie odpornością na ataki takich obiektów jest oparte na ocenach ryzyka. Podkreśla się, że występują ważne instalacje i systemy wymagające specjalnej uwagi i zabezpieczeń, szczególnie systemy kontroli dostępu do sterowni i urządzeń komunikacji. Opisuje się przykładowe technologie ochrony....
-
Security-oriented agile approach with AgileSafe and OWASP ASVS
PublicationIn this paper we demonstrate a security enhancing approach based on a method called AgileSafe that can be adapted to support the introduction of OWASP ASVS compliant practices focused on improving security level to the agile software development process. We also present results of the survey evaluating selected agile inspired security practices that can be incorporated into an agile process. Based on the survey’s results, these...
-
Approach to security assessment of critical infrastructures' information systems
PublicationThis study presents an approach to the security assessment of the information systems of critical infrastructures. The approach is based on the faithful reconstruction of the evaluated information system in a computer security laboratory followed by simulations of possible threats against the system. The evidence collected during the experiments, stored and organised using a proprietary system InSAW, may later be used for the creation...
-
Functional safety and security assessment of the control and protection systems
PublicationW artykule zostały poruszone kluczowe aspekty integracji podejścia bezpieczeństwa funkcjonalnego ''safety'' i ochrony informacji ''security'' w rozproszonych systemach sterowania i zabezpieczeniowych. Próba integracji zagadnień ''safety'' @ ''security'' została zilustrowana na przykładzie systemu monitoringu i zabezpieczeń pracującego w obiekcie podwyższonego ryzyka.
-
ASSESSMENT OF FINANCIAL SECURITY OF AN ENTERPRISE ON THE BASIS OF BEHAVIORAL ECONOMICS
PublicationThe article substantiates that the level of company’s financial security depends not so much on the indicators of its activity, but on its perception of decision-makers and other stakeholders. At the same time, this perception is formed due to the continuous participation of the stakeholder in operations, constant monitoring of financial indicators, the study of current approaches to enterprise management, changes in the environment,...
-
Approaching Secure Industrial Control Systems
PublicationThis study presents a systematic approach to secure industrial control systems based on establishing a business case followed by the development of a security programme. To support these two fundamental activities the authors propose a new method for security cost estimation and a security assessment scheme. In this study they explain the cost evaluation technique and illustrate with a case study concerning the assessment of the...
-
Integrated monitoring, control and security of Critical Infrastructure Systems
PublicationModern societies have reached a point where everyday life relies heavily on desired operation of critical infrastructures, in spite of accidental failures and/or deliberate attacks. The issue of desired performance operation of CIS at high security level receives considerable attention worldwide. The pioneering generic methodologies and methods are presented in the paper project for designing systems capable of achieving these...
-
User Trust Levels and Their Impact on System Security and Usability
PublicationA multilateral trust between a user and a system is considered. First of all we concentrate on user trust levels associated with the context-oriented CoRBAC model. Consequently, there were computed user profiles on the basis of its implementation in the information processing system “My GUT”. Furthermore, analysis of these profiles and the impact of user trust levels on system security and usability have been discussed.
-
Software modules and application layer's security structure of RSMAD
PublicationThe paper discusses the software modules of Radio System for Monitoring and Acquisition of Data from Traffic Enforcement Cameras (in short RSMAD). The structure of the application layer of the system has also been analysed in details, including: purpose, structure and principles of operation of software modules constituting this system. In addition, the paper presents and discusses the structure of security of application layer...
-
Uncertainty assessment in the safety and security oriented risk analyses
PublicationW artykule przedstawiono uwzględnienie oceny niepewności w procesie związanym z analizą ryzyka i analizą bezpieczeństwa oraz ochroną informacji. Przedstawiona została koncepcja oceny bezpieczeństwa i zarządzania ryzykiem z uwzględnieniem analizy warstw zabezpieczeń LOPA. W artykule nakreślono wyzwania związane z integracją podejścia oceny bezpieczeństwa (safety) i ochrony informacji (security) w projektowaniu systemów zabezpieczeń...
-
Supporting Compliance with Security Standards by Trust Case Templates
PublicationTrust Cases are used to justify that a given object (a system, an infrastructure, an organization) exhibits certain properties. One of possible applications of trust cases is related to the processes of achieving and demonstrating the compliance with standards. A Trust Case Template derived from a given standard constitutes a skeleton of justification (encompassing evidence and argumentation) of the compliance with the standard....
-
Anti-theft lab security system based on RFID
PublicationThe aim of the project is to design and create an electronic system, which can be used to protect laboratory equipment against theft. The main task of the system is to warn a person responsible for the facilities about any attempts made to steal equipment from a laboratory. In a case of an alarm situation, the system emits a sound signal. The concept of the anti-theft security system based on RFID was developed on the basis of...
-
Lab security improvement using RFID technologies
PublicationTechnologia RFID stanowi nie tylko technologię bliźniaczą w stosunku do kodów paskowych, ale posiada również dodatkowe cechy takie jak zdalna identyfikacja przy użyciu fal radiowych. Technologia ta staje się coraz bardziej dostępna i koszty jej wdrożenia są coraz mniejsze. W artykule przedstawiono wykorzystanie technologii RFID do ochrony sprzętu laboratoryjengo przed kradzieżą. Zawarto opis laboratorium wyposażonego w urządzenia...
-
The Sense of Security of the Prison Service Offi cers
Publication -
Water resources security and management for sustainable communities
Publication -
Climate Changes in Southeastern Poland and Food Security
Publication -
Network-centric warfare: a strategy for homeland security
PublicationPojawienie się międzynarodowego terroryzmu skutkuje nowym podejście do identyfikacji potencjalnych zagrożeń dla bezpieczeństwa krajowego. Powstał strategiczny dylemat - jak zidentyfikować przeciwnika? Utworzono pojęcie asymetrycznego zagrożenia i, w konsekwencji, asymetrycznej wojny. Z dużym prawdopodobieństwem można założyć, że kolejne zagrożenia będą dotyczyć takich elementów krajowej infrastruktury, jak źródła energii, elektrownie,...
-
Web-based marine gis for littoral security
PublicationW artykule opisano koncepcję oraz przykładowe zastosowania systemu informacji geograficznej umożliwiającego zbieranie, przetwarzanie, integrowanie oraz wizualizację danych pochodzących z pomiarów bezpośrednich, obrazów lotniczych i satelitarnych oraz systemów hydroakustycznych.Przedstawiono przykłady zastosowania systemu w dziedzinie ochrony strefy przybrzeżnej takie, jak: -monitoring rozprzestrzeniania wylewu olejowego, -monitoring...
-
Functional safety and security management in critical systems
PublicationGłównym celem referatu jest przedstawienie wybranych kwestii zarządzania bezpieczeństwem i ochroną w systemach podwyższonego ryzyka i systemach krytycznych. Zarysowuje się kilka praktycznych problemów analizy bezpieczeństwa funkcjonalnego w celu podejmowania decyzji zgodnie z normami międzynarodowymi IEC 61508 i IEC 61511. Podkreśla się, że aspekty związane z ochroną powinny być starannie rozpatrzone zarówno w fazie projektowania,...
-
Sectarianism as a Factor Shaping Persian Gulf Security
Publication -
Assessment of port facilities security in crisis management
PublicationZ punktu widzenia transportu międzynarodowego oraz przemysłowego charakteru systemu portowego, bezpieczeństwo obiektów portowych stanowi ważny element zarówno w zarządzaniu strategicznym portów morskich, jak również element ogólnej koncepcji zarządzania kryzysowego w ujęciu lokalnym, regionalnym, krajowym i międzynarodowym. W celu zapewnienia bezpieczeństwa portów morskich, muszą być prowadzone działania w celu przygotowania administracji...
-
Security level estimation as a function of residual risks
PublicationArtykuł przedstawia sposób oceny poziomu bezpieczeństwa organizacji IT w oparciu o metodę oceny ryzyka. Opisane są podstawowe kroki wspomnianej metody, proponowane rozwiązania i zastosowania. Zaproponowano prosty sposób oceny bezpieczeństwa systemów informatycznych organizacji w oparciu o wielkość wyznaczoną na podstawie wyliczonego ryzyka rezydualnego tychże systemów.
-
Data Model Development for Security Information Sharing in Smart Grids
PublicationThe smart grid raises new security concerns which require novel solutions. It is commonly agreed that to protect the grid, the effective collaboration and information sharing between the relevant stakeholders is prerequisite. Developing a security information sharing platform for the smart grid is a new research direction which poses several challenges related to the highly distributed and heterogeneous character of the grid. In...
-
On Software Unit Testing For Security and Performance Gain At Unit Level
PublicationPerformance and security are software (SW) application attributes situated on the opposite corners of system design. In the most drastic example the most secure component is the one totally isolated from the outside world, with communication performance reduced to zero level (e.g. disconnected physically from the network, placed inside a Faraday cage to eliminate possible wireless accessibility). On the other hand the most performance-optimized...
-
On Software Unit Testing For Improving Security And Performance Of Distributed Applications
PublicationPerformance and security are software (SW) application attributes situated on the opposite corners of system design. In the most drastic example the most secure component is the one totally isolated from the outside world, with communication performance reduced to zero level (e.g. disconnected physically from the network, placed inside a Faraday cage to eliminate possible wireless accessibility). On the other hand the most performance-optimized...
-
China-Russia Bilateral Security and Military Partnership in Changing World Order: Security Challenges for the United States of America in Asia and Beyond
Publication -
Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments
Publication[Context] The goal of security is to protect digital assets, devices, and services from being disrupted, exploited or stolen by unauthorized users. It is also about having reliable information available at the right time. [Motivation] Since the inception in 2009 of the first cryptocurrency, few studies have been undertaken to analyze and review the state-of-the-art research and current developments with respect to the security...
-
Towards systemic functional safety and security management in hazardous plants
PublicationThe aim of this article is to identify and discuss some issues related to functional safety and security management in hazardous industrial plants. The safety functions are to be realised using the electric / electronic / programmable electronic systems (E/E/PESs) or the safety instrumented systems (SISs) that are designed and operated respectively according to IEC 61508 and IEC 61511 requirements in life cycle. Although the role...
-
Security of export transactions in the offer of leading banks on the Polish market
PublicationThe following article presents the so-called conditioned payment methods, i.e. instruments for securing export transactions, such as letter of credit, documentary collection, bank guarantees, factoring and forfaiting. The characteristics of each particular method are presented as well as the transactions using them are described. In the following paper, the author included also the leading Polish banks, which offer the above- mentioned...
-
Research Platform for Monitoring, Control and Security of Critical Infrastructure Systems
PublicationSustainable operation of Critical Infrastructure Systems (CISs) is of a major concern to modern societies. Monitoring, control and security of such systems plays a key role in guaranteeing continuous, reliable and above all secure access to the resources provided by these systems. Development of adequate software and hardware structures, as well as algorithms to perform such functions cannot be done apart from the operational conditions...
-
A Set of Experience-Based Smart Synergy Security Mechanism in Internet of Vehicles
PublicationIn this article, we introduce a novel security mechanism, the Smart Synergy Security (3S). The mechanism uses the Set of Experience Knowledge Structure (SOEKS) and the synergy of security methods in different domains to provide the global optimal security strategy. The proposed strategy is taking into account the characteristics of information security (i.e. confidentiality, integrity, availability, controllability, and reviewability)...
-
PUBLIC SOURCES OF FINANCE FOR CULTURE AS AN ELEMENT OF CULTURAL SECURITY IN POLAND
PublicationCulture is an important element of the country, playing an important role both for its security and the economy. It cannot be only seen as a cost-creating sector, but may be a significant factor in economic development. For this to happen, it is necessary to create a system of financing this economic sector. This article’s aim is to analyze the use of funds from public sources in Poland to finance culture-related activities. The...
-
Methodological issues of security vulnerability analysis and risk assessment
PublicationArtykuł przedstawia wybrane aspekty metodyczne związane z zarządzaniem bezpieczeństwem i ochroną instalacji podwyższonego ryzyka. Podkreślono, że występują instalacje podwyższonego ryzyka, które wymagają specjalnej uwagi w zarządzaniu bezpieczeństwem. Zaproponowano metodykę opartą na wiedzy do zintegrowanej analizy LOPA (warstw zabezpieczeń) i ROPA (pierścieni zabezpieczeń). Nadrzędnym celem jest opracowanie metod i narzędzi wspomagających...
-
Selected Methods For Increases Reliability The Of Electronic Systems Security
Publication -
Safety and security governance problems of critical systems and infrastructures
PublicationW artykule przedstawiono kilka problemów związanych z zarządzaniem bezpieczeństwem i ochroną informacji w systemach i infrastrukturach krytycznych.Bardzo ważne jest zidentyfikowanie i scharakteryzowanie infrastruktury krytycznej. Przedstawiono nowe wyzwania związane z łączeniem podejścia bezpieczeństwa i ochrony informacji w procesie podejmowania decyzji
-
Challenges in security and safety management of critical systems and infrastructures
PublicationReferat poświęcono aktualnym problemom zarządzania bezpieczeństwem systemów i infrastruktur krytycznych. Infrastruktury krytyczne szereguje się z uwzględnieniem kilku kryteriów. Zarysowuje się problematykę zarządzania podatnością obiektów podwyższonego ryzyka na działania z zewnątrz oraz zagadnienie analizy ryzyka na przykładzie systemu elektroenergetycznego. W końcowej części referatu opisuje się nowe wyzwania związane z zarządzaniem...
-
Cryptographic Protocols' Performance and Network Layer Security of RSMAD
PublicationW artykule omówiono architekturę bezpieczeństwa warstwy sieciowej Radiowego Systemu Monitorowania i Akwizycji Danych z urządzeń fotoradarowych (w skrócie RSMAD). Bezpieczeństwo w warstwie sieciowej tego systemu jest zapewniane przede wszystkim dzięki wykorzystaniu Virtual Private Network (w skrócie VPN). W tym celu zaimplementowano dwa protokoły IPsec i L2TP.Zastosowane mechanizmy ochrony danych, w tym typy i parametry VPNów zostały...
-
Application of BAN Network to Increase Security in Transport Systems
PublicationIn the article general characteristics of the BAN network with M2M communications are presented. These are networks that enable the implementation of wireless transmission of signals using special sensors located on the body or implanted subcutaneously. These sensors allow monitoring of different type life parameters of a human. In the next part of work there is proposed the implementation of BAN networks to transport systems as...
-
SDN testbed for validation of cross-layer data-centric security policies
PublicationSoftware-defined networks offer a promising framework for the implementation of cross-layer data-centric security policies in military systems. An important aspect of the design process for such advanced security solutions is the thorough experimental assessment and validation of proposed technical concepts prior to their deployment in operational military systems. In this paper, we describe an OpenFlow-based testbed, which was...
-
Integrated safety and security analysis of hazardous plants and systems of critical infrastructure
PublicationThis article addresses an integrated safety and security analysis approach of hazardous industrial plants and systems of critical infrastructure. Nowadays due to new hazards that emerge there are opinions among experts that these issues require an integrated approach in life cycle, from the design concept, through the design and operation of the plant, to its decommissioning. It is proposed to start from an interesting methodology...
-
Security information sharing for smart grids: Developing the right data model
PublicationThe smart grid raises new security concerns which require novel solutions. It is commonly agreed that to protect the grid the effective collaboration and information sharing between the relevant stakeholders is prerequisite. Developing a security information sharing platform for the smart grid is a new research direction which poses several challenges related to the highly distributed and heterogeneous character of the grid. In...